Installing HTTPS SSL Wildcard Certificate on JBOSS

by ServerSSL

If you need to secure several sub-domains, you will need a Wildcard SSL Certificate. Installing one on JBOSS differs slightly from installing a standard certificate, so it is worth going through the steps even if you are already familiar with the standard installation.

Installing a Wildcard Certificate on JBOSS

Follow the instructions below to install a Wildcard Certificate on JBOSS:

  • Create the ‘ssl-files’ directory.

The first thing that you want to do is to create a new directory named ‘ssl-files’. This is where you will upload the files that you will use for your Wildcard Certificate installation.

Go to that directory and run this command:

keytool -genkey -alias tomcat -keyalg RSA -keystore tomcat.keystore

Make sure that you answer the questions that the command asks. After that, you will have a file named ‘tomcat.keystore’.

To purchase a Wildcard Certificate from GoDaddy or Symantec, run the command below. This will generate a CSR Code for you:

keytool -certreq -keyalg RSA -alias tomcat -file <your-file-name-here>.csr -keystore tomcat.keystore

Copy the content of your CSR file and paste it into your GoDaddy or Symantec account to request the certificate. Once you are done, wait for a few hours and check the status of your request. Once the certificate can be downloaded, save the cert files somewhere safe.

  • Upload and unzip the zip cert files on your server.

Once you have the zip file of your certificate, upload it to your ssl-files directory. Run the command below to unzip it and get the 4 cert files:

unzip <big-long-random-string.zip>

Then, run the command below to create a new keystore.tomcat file:

openssl pkcs12 -export -chain -CAfile gd_bundle.crt -in <_.yourdomain.com>.crt -inkey <your-file-name-here>.key -out keystore.tomcat -name tomcat -passout pass:<your-password>

  • Update server.xml.

To update server.xml in the tomcat/conf directory, edit the HTTPS Connector element so that keystoreFile and keystorePass point to your keystore and its password:

<Connector protocol="org.apache.coyote.http11.Http11Protocol"
           port="443" minSpareThreads="5" maxSpareThreads="75"
           enableLookups="true" disableUploadTimeout="true"
           acceptCount="100" maxThreads="200"
           scheme="https" secure="true" SSLEnabled="true"
           keystoreFile="C:\Program Files\Apache Software Foundation\Tomcat 6.0\SSL\tomcat.keystore" keystorePass="changeit."
           clientAuth="false" sslProtocol="TLS"/>

The tomcat.keystore file that you have can be used in a clustered environment. You will also be able to use it on the remaining servers.

Once you are done with the installation of your Wildcard Certificate, you can check your websites and see if you can access them via HTTPS. You should not have any problems with it when things go as planned.
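The HTTPS check described above can be scripted. The following is an added example, not part of the original post: it tests which host names a wildcard certificate's SAN entries cover (a wildcard stands for exactly one label) and can read the SAN list from a live server. The function names and the example.com host names are assumptions made for illustration.

```python
import socket
import ssl


def wildcard_covers(pattern: str, hostname: str) -> bool:
    """RFC 6125 style match: '*' is only accepted as the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h) or "" in h:
        return False
    if p[0] == "*":
        # The wildcard replaces one label and needs at least two fixed labels after it.
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h


def uncovered(san_names, hostnames):
    """Return the host names that no SAN entry covers."""
    return [h for h in hostnames
            if not any(wildcard_covers(s, h) for s in san_names)]


def served_sans(host: str, port: int = 443, timeout: float = 5.0):
    """Fetch the DNS SAN entries of the certificate a live server presents.

    Needs network access. The default context validates the chain and the
    host name, so a broken installation raises ssl.SSLCertVerificationError.
    """
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            cert = tls.getpeercert()
    return [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]


if __name__ == "__main__":
    # Constructed sample data: a SAN list and the hosts we expect it to protect.
    sans = ["*.example.com", "example.com"]
    hosts = ["www.example.com", "api.example.com", "example.com", "a.b.example.com"]
    print("not covered:", uncovered(sans, hosts))
```

To check a deployed server, pass the result of served_sans("<your-host>") to uncovered() together with the list of sub-domains you expect the certificate to protect.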

Just make sure that you also contact your certificate authority to ensure that you are installing your certificate properly. Your hosting provider can also give you instructions, so do not hesitate to contact them when you need to. Ask for specific instructions on how to configure your Wildcard SSL Certificate if you cannot work it out yourself.

Also, make sure that you back up all of your files. This will allow you to correct your mistakes and re-upload the files you need when something goes wrong with the installation and activation of your certificate.
